Google Gets Serious About Malware on the Google Play Store

Unlike competitor’s app stores, Google is sharing the results of their battle with malware.

Android has won the smartphone OS battle. While iOS can claim a very distant second place standing, there is little doubt that most of the world is using Android on their smartphones. Because of this, and the open nature of the operating system, Android is a primary target for malware attacks. Just imagine, if you were a criminal coding malware, would you create something which would affect the largest market, or the smallest. The answer is clear. Because of this, Android has earned quite the reputation for being a malware magnet. It is a well earned reputation. However, Google has been fighting to make the Google Play Store a safe place for users. While there’s no doubt that malware has found it’s way on to the Google Play Store, Google has gotten much better at combating it.

Andrew Ahn, a Product Manager for Google Play has taken to Google’s Android Developer’s Blog to provide some facts about the battle against malware. Users may be shocked to hear that in 2017 alone, Google removed over 700,000 apps that violated the Google Play Store’s policies. This number is a 70% increase over the prior year. While these are shocking numbers, it should come as a relief that over 99% of these apps were identified and removed before any user ever installed them. This is a huge win. Ahn credits improvements in Google’s ability to detect abuse with weeding out these malicious actors. These improvements also resulted in the removal of 100,000 developer accounts, and better ways to identify those developers if they attempt to create new accounts. With these methods, Google is making it extremely difficult for bad actors to upload malicious apps to the Play Store.

Ahn goes on to describe the types of apps which Google removed from the Play Store last year.

Copycats: Apps which pretend to be other apps. This is stated to be the most common violation. These apps may utilize names, icons, and descriptions in order to trick users into downloading these apps.

Inappropriate content: Ahn states that tens of thousands of these apps were taken down last year. These are apps that violate the Play Store’s terms of service pertaining to inappropriate content such as pornography, extreme violence, hate, and illegal activities.

Potentially Harmful Applications (PHAs): While this is the smallest number of violations, these are the ones we as users are most worried about. PHAs are malware. Ahn states that since Google Play Protect launched in 2017, they’ve reduced the install rate of PHAs by 50%.

While Android has definitely earned it’s reputation for having large amounts of malware, Google’s Play Store has fought to protect it’s users from becoming victims of malware, and are continuing to improve it. As BlackBerry CEO John Chen previously stated, “We recognize that security is a cat and mouse game, requiring constant investment and innovation and that is what we do, day in, day out.” It looks like someone at Google was listening. Let’s hope they continue to do so.